Side-Channel Leakage Analysis of Inner Product Masking

The Inner Product Masking(IPM)scheme has been shown to provide higher theoretical security guarantees than the BooleanMasking(BM).This scheme aims to increase the algebraic complexity of the coding to achieve a higher level of security.Some previous work unfolds when certain(adversarial and implementation)conditions are met,and we seek to complement these investigations by understanding what happens when these conditions deviate from their expected behaviour.In this paper,we investigate the security characteristics of IPM under different conditions.In adversarial condition,the security properties of first-order IPMs obtained through parametric characterization are preserved in the face of univariate and bivariate attacks.In implementation condition,we construct two new polynomial leakage functions to observe the nonlinear leakage of the IPM and connect the security order amplification to the nonlinear function.We observe that the security of IPMis affected by the degree and the linear component in the leakage function.In addition,the comparison experiments from the coefficients,signal-to-noise ratio(SNR)and the public parameter show that the security properties of the IPM are highly implementation-dependent.

An Effective and Scalable VM Migration Strategy to Mitigate Cross-VM Side-Channel Attacks in Cloud

Co-residency of virtual machines(VMs) of different tenants on the same physical platform would possibly lead to cross-VM side-channel attacks in the cloud. While most of current countermeasures fail for real or immediate deployment due to their requirement for modification of virtualization structure, we adopt dynamic migration, an inherent mechanism of the cloud platform, as a general defense against this kind of threats. To this end, we first set up a unified practical information leakage model which shows the factors affecting side channels and describes the way they influence the damage due to side-channel attacks. Since migration is adopted to limit the time duration of co-residency, we envision this defense as an optimization problem by setting up an Integer Linear Programming(ILP) to calculate optimal migration strategy, which is intractable due to high computational complexity. Therefore, we approximate the ILP with a baseline genetic algorithm, which is further improved for its optimality and scalability. Experimental results show that our migration-based defense can not only provide excellent security guarantees and affordable performance cost in both theoretical simulation and practical cloud environment, but also achieve better optimality and scalability than previous countermeasures.

Side-Channel Analysis for Detecting Protocol Tunneling

Protocol tunneling is widely used to add security and/or privacy to Internet applications. Recent research has exposed side channel vulnerabilities that leak information about tunneled protocols. We first discuss the timing side channels that have been found in protocol tunneling tools. We then show how to infer Hidden Markov models (HMMs) of network protocols from timing data and use the HMMs to detect when protocols are active. Unlike previous work, the HMM approach we present requires no a priori knowledge of the protocol. To illustrate the utility of this approach, we detect the use of English or Italian in interactive SSH sessions. For this example application, keystroke-timing data associates inter-packet delays with keystrokes. We first use clustering to extract discrete information from continuous timing data. We use discrete symbols to infer a HMM model, and finally use statistical tests to determine if the observed timing is consistent with the language typing statistics. In our tests, if the correct window size is used, fewer than 2% of data windows are incorrectly identified. Experimental verification shows that on-line detection of language use in interactive encrypted protocol tunnels is reliable. We compare maximum likelihood and statistical hypothesis testing for detecting protocol tunneling. We also discuss how this approach is useful in monitoring mix networks like The Onion Router (Tor).

Elimination of Spatial Side-Channel Information for Compact Quantum Key Distribution Senders

For a compact quantum key distribution (QKD) sender for the polarization encoding BB84 protocol, an eavesdropper could take a side-channel attack by measuring the spatial information of photons to infer their polarizations. The possibility of this attack can be reduced by introducing an aperture in the QKD sender, however, the effect of the aperture on the QKD security lacks of quantitative analysis. In this paper, we analyze the mutual information between the actual keys encoded at this QKD sender and the inferred keys at the eavesdropper (Eve), demonstrating the effect of the aperture to eliminate the spatial side-channel information quantitatively. It shows that Eve’s potential on eavesdropping spatial side-channel information is totally dependent on the optical design of the QKD sender, including the source arrangement and the aperture. The height of compact QKD senders with integrated light-emitting diode (LED) arrays could be controlled under several millimeters, showing great potential on applications in portable equipment.

Side-channel attack-resistant AES S-box with hidden subfield inversion and glitch-free masking

A side-channel attack(SCA)-resistant AES S-box implementation is proposed,which is an improvement from the power-aware hiding(PAH)S-box but with higher security and a smaller area.We use the composite field approach and apply the PAH method to the inversion in the nonlinear kernel and a masking method to the other parts.In addition,a delaymatched enable control technique is used to suppress glitches in the masked parts.The evaluation results show that its area is contracted to 63.3%of the full PAH S-box,and its power-delay product is much lower than that of the masking implementation.The leakage assessment using simulation power traces concludes that it has no detectable leakage under t-test and that it at least can thwart the moment-correlation analysis using 665000 noiseless traces.

A Fast Algorithm of Scalar Multiplication Based on Side-Channel Atomicity

Simple power analysis is the most devastating attack on the security of elliptic curve scalar multiplication and can probably retrieve the secret key. In this paper,we analyze the formulas of point doubling and addition on Jacobi-quartic Curve in projective coordination. In addition,a fast and secure side-channel atomic scalar multiplication algorithm is proposed using the side-channel atomic block. Compared with the previous methods,the new algorithm is more efficient. For 192 bits scalar using NAF recoding,the efficiency of the new algorithm is increased by about 6.7%～23% if S/M=0.8 or 12.7%～33.2% if S/M=0.6.

An Efficient Method against Side-Channel Attacks on ECC

Side-channel attacks （SCA） may exploit leakage information to break cryptosystems. In this paper we present a new SCA resistant Elliptic Curve scalar multiplication algorithm. The proposed algorithm, builds a sequence of bit-strings representing the scalar k, characterized by the fact that all bit-strings are different from zero; this property will ensure a uniform computation behavior for the algorithm, and thus will make it secure against simple power analysis attacks （SPA）. With other randomization techniques, the proposed countermeasures do not penalize the computation time. The proposed scheme is more efficient than MOEller＇s one, its cost being about 5% to 10% smaller than MOEller＇s one.

Side-Channel Attacks Based on Collaborative Learning

Side-channel attacks based on supervised learning require that the attacker have complete control over the cryptographic device and obtain a large number of labeled power traces.However,in real life,this requirement is usually not met.In this paper,an attack algorithm based on collaborative learning is proposed.The algorithm only needs to use a small number of labeled power traces to cooperate with the unlabeled power trace to realize the attack to cryptographic device.By experimenting with the DPA contest V4 dataset,the results show that the algorithm can improve the accuracy by about 20%compared with the pure supervised learning in the case of using only 10 labeled power traces.

SFGA-CPA: A Novel Screening Correlation Power Analysis Framework Based on Genetic Algorithm

Correlation power analysis(CPA)combined with genetic algorithms(GA)now achieves greater attack efficiency and can recover all subkeys simultaneously.However,two issues in GA-based CPA still need to be addressed:key degeneration and slow evolution within populations.These challenges significantly hinder key recovery efforts.This paper proposes a screening correlation power analysis framework combined with a genetic algorithm,named SFGA-CPA,to address these issues.SFGA-CPA introduces three operations designed to exploit CPA characteris-tics:propagative operation,constrained crossover,and constrained mutation.Firstly,the propagative operation accelerates population evolution by maximizing the number of correct bytes in each individual.Secondly,the constrained crossover and mutation operations effectively address key degeneration by preventing the compromise of correct bytes.Finally,an intelligent search method is proposed to identify optimal parameters,further improving attack efficiency.Experiments were conducted on both simulated environments and real power traces collected from the SAKURA-G platform.In the case of simulation,SFGA-CPA reduces the number of traces by 27.3%and 60%compared to CPA based on multiple screening methods(MS-CPA)and CPA based on simple GA method(SGA-CPA)when the success rate reaches 90%.Moreover,real experimental results on the SAKURA-G platform demonstrate that our approach outperforms other methods.

Confidential Procedure Model：a Method for Quantifying Confidentiality Leakage

In this paper, we propose a theoretical-information Confidential Procedure Model (CPM) to quantify confidentiality (or information leakage). The advantages of the CPM model include the following: 1) confidentiality loss is formalized as a dynamic procedure, instead of a static function, and described via the "waterfall" diagram; 2) confidentiality loss is quantified in a relative manner, i.e., taken as a quantitative metric, the ratio of the conditional entropy being reserved after observing the entropy of the original full confidential information; 3) the optimal attacks including exhaustive attacks as well as all possible attacks that have (or have not even) been discovered, are taken into account when defining the novel concept of the confidential degree. To elucidate the proposed model, we analyze the information leakage in side-channel attacks and the anonymity of DC-net in a quantitative manner.

Detection Technique of Software-Induced Rowhammer Attacks

Side-channel attacks have recently progressed into software-induced attacks.In particular,a rowhammer attack,which exploits the characteristics of dynamic random access memory(DRAM),can quickly and continuously access the cells as the cell density of DRAM increases,thereby generating a disturbance error affecting the neighboring cells,resulting in bit flips.Although a rowhammer attack is a highly sophisticated attack in which disturbance errors are deliberately generated into data bits,it has been reported that it can be exploited on various platforms such as mobile devices,web browsers,and virtual machines.Furthermore,there have been studies on bypassing the defense measures of DRAM manufacturers and the like to respond to rowhammer attacks.A rowhammer attack can control user access and compromise the integrity of sensitive data with attacks such as a privilege escalation and an alteration of the encryption keys.In an attempt to mitigate a rowhammer attack,various hardware-and software-based mitigation techniques are being studied,but there are limitations in that the research methods do not detect the rowhammer attack in advance,causing overhead or degradation of the system performance.Therefore,in this study,a rowhammer attack detection technique is proposed by extracting common features of rowhammer attack files through a static analysis of rowhammer attack codes.

UTILITY ANALYSIS AND EVALUATION METHOD STUDY OF SIDE CHANNEL INFORMATION

In order to improve the efficiency and success rate of the side channel attack,the utility of side channel information of the attack object must be analyzed and evaluated before the attack implementation.Based on the study of side-channel attack techniques,a method is proposed in this paper to analyze and evaluate the utility of side channel information and the evaluation indexes of comentropy,Signal-to-Noise Ratio(SNR)are introduced.On this basis,the side channel information(power and electromagnetic)of a side channel attack experiment board is analyzed and evaluated,and the Data Encryption Standard(DES)cipher algorithm is attacked with the differential power attack method and differential electromagnetic attack method.The attack results show the effectiveness of the analysis and evaluation method proposed in this paper.

AdaptiveMutate:a technique for privacy preservation

Mobile apps are known to be rich sources for gathering privacy-sensitive information about smartphone users.Despite the presence of encryption,passive network adversaries who have access to the network infrastructure can eavesdrop on the traffic and therefore fingerprint a user’s app by means of packet-level traffic analysis.Since it is difficult to prevent the adversaries from accessing the network,providing secrecy in hostile environments becomes a serious concern.In this study,we propose AdaptiveMutate,a privacy-leak thwarting technique to defend against the statistical traffic analysis of apps.First,we present a method for the identification of mobile apps using traffic analysis.Further,we propose a confusion system in which we obfuscate packet lengths,and/or inter-arrival time information leaked by the mobile traffic to make it hard for intruders to differentiate between the altered app traffic and the actual one using statistical analysis.Our aim is to shape one class of app traffic to obscure its features with the minimum overhead.Our system strives to dynamically maximize its efficiency by matching each app with the corresponding most dissimilar app.Also,AdaptiveMutate has an adaptive capability that allows it to choose the most suitable feature to mutate,depending on the type of apps analyzed and the classifier used,if known.We evaluate the efficiency of our model by conducting a comprehensive simulation analysis that mutates different apps to each other using AdaptiveMutate.We conclude that our algorithm is most efficient when we mutate a feature of one app to its most dissimilar one in another app.When applying the identification technique,we achieve a classification accuracy of 91.1%.Then,using our obfuscation technique,we are able to reduce this accuracy to 7%.Also,we test our algorithm against a recently published approach for mobile apps classification and we are able to reduce its accuracy from 94.8%to 17.9%.Additionally,we analyze the tradeoff between the shaping cost and traffic privacy protection,specifically,the associated overhead and the feasibility for real-time implementation.

Correlated Extra Reductions Defeat Fixed Window Exponentiation

The security of modular power algorithm is a very important research topic, which is the core operation of public key cryptography algorithm. Since the first timing attack was public in 1996, the attacker can exploit time differences between specific events to recover a secret key. In 2016, Dugardin took advantage of extra reductions to attack a regular exponentiation algorithm, which did not entirely adapt the fixed window method with Montgomery’s algorithm. The central thesis of this paper is that there exists a positive correlation between extra reductions of pre-computation and post-computation when the calculation has the same multiplier factor. In this article, basing on this dependency we present an attack method, and confirm the feasibility and effectiveness of it by conducting simulation experiments. Experimental results verify that the method can effectively attack modular power algorithm.

Multiple Parameters Side Channel Signal Analysis Using in Hardware Trojan Detection

As the process of economic globalization deepens,a large variety of integrated circuit designers tends to move the chip's manufacturing to the developing country.But during the globalization of semiconductor design and fabrication process,integrated circuits are suffering from increasing malicious alterations from the untrusted foundries,which pose a serious threat to the military,finance,transportation and other critical systems.An noninvasive approach was presented to measure the physical "sidechannel"parameter of a chip such as current or delay,which is effectively capable of detecting the malicious hardware alternations.The intrinsic relationship of a circuit's side-channel parameters was exploited to distinguish the effect of a Trojan in the presence of large random noise and process noise,such as the Dynamic current(IDDT)versus the maximum operating frequency(Fmax)correlation.The Monte Carlo analysis in Hspice using ± 20% Gauss variations in transistor threshold voltage(Vth)was carried out to simulate the circuit state in the real world.Simulation Results show that this approach is effective to detect the ultra-small Trojans.

Timing Attack Analysis on AA_βCryptosystem

Timing attack is an attack on the implementation of a cryptographic primitive. The attack collects leaked secret data via certain implementation techniques either on software or hardware. This paper provides an analysis of a theoretical timing attack on the AAβ algorithm. The attack discussed in this paper gives avenues for secure implementation of AAβ against timing attacks. The simulation of the attack is important to provide invulnerability features for the algorithm in order to be implemented and embedded on applications. At the end of the attack, a method to overcome it will be introduced and it is called AAβ blinding.

Enhancing Security for Legacy Factory Machines: A Continuous Key Renewal Algorithm for Securing Group of Machines

Companies are generally focused on how to improve their global performance. Concepts, methods and tools are regularly used to transform them. Key performance indicators are used to measure how performance is increased. Industry 4.0 concepts and sustainability expectations actually contribute to this performance improvement. Indeed, cybersecurity as one of these concepts is required to increase the company performance. Even if it is well-known and applied in companies through the protection of their information systems, progress is expected in research on how to ensure the security of data and factory processes in the manufacturing, as the number of cyberattacks towards industries is growing these last few years. This paper aims to increase the company performance and sustainability to enforce factory machines protection by creating private security network groups. But currently, most of the Programmable Logic Controller PLC protocols have not been securely designed. Thus, the creation of secure groups of machines by combining strong authentication, strong or lightweight ciphering, and data stream integrity is proposed. The security is enforced by a continuous key’s renewal algorithm. An experiment on an industry’s architecture has been led to validate the concepts of the proposition. The study is compared to existing OPC-UA and MACsec standards in terms of drawbacks and advantages. This work could be implemented in hardware for further performance improvement.

Hardware Security for IoT in the Quantum Era: Survey and Challenges

The Internet of Things (IoT) has become a reality: Healthcare, smart cities, intelligent manufacturing, e-agriculture, real-time traffic controls, environment monitoring, camera security systems, etc. are developing services that rely on an IoT infrastructure. Thus, ensuring the security of devices during operation and information exchange becomes a fundamental requirement inherent in providing safe and reliable IoT services. NIST requires hardware implementations that are protected against SCAs for the lightweight cryptography standardization process. These attacks are powerful and non-invasive and rely on observing the physical properties of IoT hardware devices to obtain secret information. In this paper, we present a survey of research on hardware security for the IoT. In addition, the challenges of IoT in the quantum era with the first results of the NIST standardization process for post-quantum cryptography are discussed.

Threat Model and Defense Scheme for Side-Channel Attacks in Client-Side Deduplication

In cloud storage,client-side deduplication is widely used to reduce storage and communication costs.In client-side deduplication,if the cloud server detects that the user’s outsourced data have been stored,then clients will not need to reupload the data.However,the information on whether data need to be uploaded can be used as a side-channel,which can consequently be exploited by adversaries to compromise data privacy.In this paper,we propose a new threat model against side-channel attacks.Different from existing schemes,the adversary could learn the approximate ratio of stored chunks to unstored chunks in outsourced files,and this ratio will affect the probability that the adversary compromises the data privacy through side-channel attacks.Under this threat model,we design two defense schemes to minimize privacy leakage,both of which design interaction protocols between clients and the server during deduplication checks to reduce the probability that the adversary compromises data privacy.We analyze the security of our schemes,and evaluate their performances based on a real-world dataset.Compared with existing schemes,our schemes can better mitigate data privacy leakage and have a slightly lower communication cost.

Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks

Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.